5 Steps to Avoid a Cryptolocker Ransomware Attack - NETSERVE365


December 21, 2016

5 Steps to Avoid a Cryptolocker Ransomware Attack

No one is invincible, especially when it comes to ransomware. Ransomware has quickly emerged as one of the most dangerous cyber threats to both organizations and consumers. Cryptolocker ransomware is a type of Trojan malware that does exactly what the name says. The attack will encrypt a computer’s files and hold them for ransom until the user purchases a decryption key to regain access to their personal information.

It’s a pretty scary situation, especially since the number of attacks continues to increase daily. The average consumer ransom demand has more than doubled since 2015. The average is now $679, which is up from $294. While the average is only in the hundreds for consumers, for businesses with infections hitting multiple areas at one time, this could cost upwards of tens of thousands of dollars in ransom alone. Not to mention the substantial downtime and remediation costs that organizations experience during an attack. Money aside, cryptolocker ransomware causes more than monetary losses. Companies have experienced business-threatening downtime, reputation loss, customer loss, and the ultimate price – closing the doors to their business.

As we all know, data serves as the lifeblood of businesses all around the world. The risk is too high to not take preventative steps to secure your organization’s sensitive information. While ransomware cannot be prevented, businesses can stop it from succeeding with the proper preparation and solutions in place.

Below is a list of preventative steps to avoid a cryptolocker ransomware attack and the consequences that come along with it.

Cyber Security and Anti-Virus Protection

First and foremost, you need to put your first line of defense in place. Security software installed on your computer will watch for any suspicious activity and will try to prevent malware infections before any damage is done. Managed service providers will include anti-virus protection in their services. They will supply 24/7/365 expert monitoring and management of functionality, configuration and alerts to ensure complete protection.

NetServe365’s anti-virus protection solution integrates into our monitoring platform to improve manageability and visibility for our clients. With one single view, our engineers can see what is going on in your network, what needs to be adjusted and whether security alerts need a response.

Monitor Traffic Flows

As we all know, firewalls are placed in front of your network to monitor and control the incoming and outgoing traffic flows. A firewall will allow or block traffic based on a defined set of security rules. Monitoring your traffic flows with firewalls can help prevent massive malware infections, but these days they should not work alone. Pairing your firewall with 24/7/365 management and an intrusion prevention system (IPS) will create next-generation protection from malware. While a firewall has pass rules that allow traffic through, an IPS works in the opposite way. It will deny access to traffic and drop packets that don’t fit within its rules. These two control devices, paired with continuous management, can help your organization quickly block attacks.

Restrict Access and Educate Employees

Restricting your employees’ access can cut off a large amount of risk within your system. It is important to restrict access to certain areas of the network, systems, and data to only what employees need for their work functions. Most infections are due to human error (clicking on links, opening emails, visiting harmful sites, etc.). A mix of restricting access and educating employees on the risks will do your company some good.

Back, Back, Back It Up

Preventative measures will only get you so far. There are many cases where ransomware will make it through your email/spam filters. To properly prepare for these cases, it is highly recommended that you run regular backups and store them in a safe, off-site location. If an attack were to occur, at least you will be able to avoid data loss and recover your important information.

Disaster Recovery Planning

Last but not least (and possibly the most important), you must have a comprehensive disaster recovery plan in place. Your disaster recovery solution should plan for the worst possible situations. For each of these situations, you must determine your recovery time objective, recovery point objective, cost of downtime, a communication plan, and continuation actions. When you have these factors figured out, test your plan. Is your backup technology taking snapshots? Can you virtualize a server on the backup device? How long do these processes take?

So, what can we take away from above? Cryptolocker ransomware remains a heavy hitter in the world of cyberthreats, and will continue to be for years to come. Taking preventative steps, educating your employees, and having a holistic data backup and disaster recovery plan can help your organization fight against these nasty monsters.

